[Bug 446392] New: SSL error: Key usage violation
Simon Josefsson
simon at josefsson.org
Wed May 14 17:19:10 CEST 2008
Joe Orton <jorton at redhat.com> writes:
> I'm about to go on holiday so won't be able to look into this myself for
> a week or so; Fedora 9 ships with GnuTLS 2.0.4, but I can reproduce this
> with the slightly stale git checkout I had lying around, so I'd suspect
> this is a GnuTLS cert validation bug?
>
> $ ./bin/gnutls-cli svn.eionet.europa.eu
> Resolving 'svn.eionet.europa.eu'...
> Connecting to '217.74.209.183:443'...
> *** Fatal error: Key usage violation in certificate has been detected.
> *** Handshake has failed

Hi. Thanks for the report. Without further information, I believe that
is the correct behavior.

jas at mocca:~/src/gnutls$ gnutls-cli -d 4711 svn.eionet.europa.eu 2>&1 |grep 'Selected cipher'
|<3>| HSK[8074078]: Selected cipher suite: DHE_RSA_AES_128_CBC_SHA1
jas at mocca:~/src/gnutls$

RFC 2246 and 4346:

   DHE_RSA            RSA public key that can be used for
                      signing.
   ...
   All certificate profiles and key and cryptographic formats are
   defined by the IETF PKIX working group [PKIX]. When a key usage
   extension is present, the digitalSignature bit MUST be set for the
   key to be eligible for signing, as described above, and the
   keyEncipherment bit MUST be present to allow encryption, as described
   above. The keyAgreement bit must be set on Diffie-Hellman
   certificates.

jas at mocca:~/src/gnutls$ certtool -i < cert.pem |grep 'Key Usage' -A 2
        Key Usage (not critical):
                Key encipherment.
        Subject Key Identifier (not critical):
jas at mocca:~/src/gnutls$

In other words, the certificate must have the digitalSignature bit
enabled to be usable as a TLS server certificate for this ciphersuite.

/Simon
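
Added example (not part of the original message and not GnuTLS code): a stdlib-only Python sketch of the rule quoted above, decoding a keyUsage BIT STRING and checking it against the key exchange named in a cipher suite. It goes slightly beyond the DHE_RSA case by also mapping RSA and static DH key exchanges per the same RFC text; the function names, the prefix-based suite parsing and the sample bytes are assumptions made for illustration.

```python
# Added example: names and sample bytes below are constructed for illustration.
KEY_USAGE_BITS = [  # X.509 KeyUsage bit positions 0..8 (RFC 5280)
    "digitalSignature", "nonRepudiation", "keyEncipherment",
    "dataEncipherment", "keyAgreement", "keyCertSign", "cRLSign",
    "encipherOnly", "decipherOnly",
]

# Bit each key exchange needs, following the RFC 2246/4346 text quoted above.
# Longer prefixes come first so "DHE_RSA" is not mistaken for "RSA".
REQUIRED_BIT = [
    ("DHE_RSA", "digitalSignature"),
    ("DHE_DSS", "digitalSignature"),
    ("DH_RSA", "keyAgreement"),
    ("DH_DSS", "keyAgreement"),
    ("RSA", "keyEncipherment"),
]


def parse_key_usage(der):
    """Decode the DER BIT STRING inside a keyUsage extension into bit names."""
    if len(der) < 3 or der[0] != 0x03 or der[1] != len(der) - 2:
        raise ValueError("not a short-form DER BIT STRING")
    unused, payload = der[2], der[3:]
    if unused > 7:
        raise ValueError("invalid unused-bit count")
    total_bits = len(payload) * 8 - unused
    names = set()
    for i, name in enumerate(KEY_USAGE_BITS):
        if i < total_bits and payload[i // 8] & (0x80 >> (i % 8)):
            names.add(name)
    return names


def check_suite(suite, key_usage):
    """Return (ok, required_bit); key_usage is None when the extension is absent."""
    for prefix, bit in REQUIRED_BIT:
        if suite.startswith(prefix + "_"):
            # The RFC rule applies only "when a key usage extension is present".
            return (key_usage is None or bit in key_usage), bit
    raise ValueError("unknown key exchange in suite name: " + suite)


# Constructed sample: keyUsage with only keyEncipherment set, as certtool reported.
KEY_ENCIPHERMENT_ONLY = bytes.fromhex("03020520")

if __name__ == "__main__":
    usage = parse_key_usage(KEY_ENCIPHERMENT_ONLY)
    for suite in ("DHE_RSA_AES_128_CBC_SHA1", "RSA_AES_128_CBC_SHA1"):
        print(suite, sorted(usage), check_suite(suite, usage))
```

The second suite name is constructed, patterned on the one gnutls-cli printed, to show that the same certificate passes the check when the key exchange is plain RSA.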